TLS Protect Cloud API for Strata Cloud Manager
Use the TLS Protect Cloud APIs to manage certificates, certificate requests, applications, machine identities, users, teams, event logs, and more. This Open API spec file was created on April 02, 2026. © 2026 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark of Palo Alto Networks. A list of our trademarks can be found at https://www.paloaltonetworks.com/company/trademarks.html. All other marks mentioned herein may be trademarks of their respective companies.
Authentication
- OAuth 2.0: scmOAuth
- HTTP: Bearer Auth
Strata Cloud Manager APIs authenticate client requests using the OAuth 2.0 Client Credentials flow. Please use the client_id, client_secret values associated with an IAM service account along with a scope value of tsg_id:XXXXXXXXXX, where XXXXXXXXXX is the Tenant Service Group (TSG) ID. The resulting JWT access token should be attached to all API calls as a Bearer token in the Authorization header (ex. Authorization: Bearer tokenstring).
Security Scheme Type: | oauth2 |
|---|---|
OAuth Flow (clientCredentials): | Scopes: |
Strata Cloud Manager APIs authenticate client requests using the OAuth 2.0 Client Credentials flow. Please use the client_id, client_secret values associated with an IAM service account along with a scope value of tsg_id:XXXXXXXXXX, where XXXXXXXXXX is the Tenant Service Group (TSG) ID. The resulting JWT access token should be attached to all API calls as a Bearer token in the Authorization header (ex. Authorization: Bearer tokenstring).
Security Scheme Type: | http |
|---|---|
HTTP Authorization Scheme: | bearer |
Bearer format: | JWT |
License MIT